SIGS Kick Off – IT Security Strategy 2018 and beyond:
Challenges & Priorities
|Target Audience||Information Security Professionals CIO’s, CISO, IT Manager, Security Engineers and all other persons who are responsible and interested in Security
Vendors, Suppliers and Consultants which don’t help to sponsor and therefore support this platform are not authorized to take part
|CPE Credits||Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.|
Shuttle from and to the train station or maybe a hotel in Rümlang is organized – take the Swiss Taxi 24
|Date of Event||18th of January 2018|
|Schedule||see agenda below|
|Participation Costs||Fr. 95.— per participants
Speeches, Apéro, Dinner and all beverages included
|Especially||No contact details or email addresses will be provided to any sponsor. The presentations will not be published after the event – it’s a closed community!|
|1:00 – 2:00 pm||Registration & Coffee|
|2:00 – 2:15 pm||Welcome & Introduction by SIGS and the moderator Amar Singh, CISO and Founder at Cyber Management Alliance
|Amar Singh is an industry influencer and leader, founder of a not-for-profit organization Give01Day.com and the Cyber Management Alliance and Chair of ISACA’s UK Security Advisory Group.
Amar is engaged as a trusted business and cyber security advisor, mentor to C-level executives, and a consultant to organizations who need to reduce their risk exposure, deploy post incident remediation, build security teams, increase cyber resiliency and mature their information security and data privacy posture.
|2:15 – 2:45 pm||Dr. John I. Meakin, formerly Chief Security & Risk Officer at Burberry UK|
|Dr. John I. Meakin has recently retired as a Chief Security & Risk Officer and now advises a number of businesses on cyber risk. Dr. Meakin is a specialist in information and systems security with more than 25 years experience. Most recently he was Chief Security Officer for the luxury goods conglomerate Richemont International SA (Cartier, Montblanc, Piaget, etc) in Geneva, with oversight over physical, information and cyber security.Previously, he has built and led security functions in a range of Banks, notably the Royal Bank of Scotland, Dresdner Bank and Standard Chartered Bank. He has also been Chief Information Security Officer of BP and Reuters. He was a founding board member of the Jericho Forum, and has served on the Customer Advisory Boards of the specialist security product companies Skybox Security, Qualys, Veracode and Watchfire, as well as Microsoft, IBM and HPE.
He is a regular speaker at industry conferences and public forums on a variety of risk and security topics. He has a Ph.D. in experimental solid state physics from Cambridge University.
Cyber Security for Digitised Business 2018 and beyond
|2:45 – 3:15 pm||Florian Schütz, Head IT Risk & Security at Zalando SE|
|As Head of IT Risk and Security Florian is responsible for the protection of the core platform and the complete value chain of Zalando. With his teams Florian rethinks how security can be done in an agile, de-centralised, fast growing organisation that grants its more than 1´700 IT Engineers large degrees of autonomy.
In his spare time, Florian loves to travel. Preferably he enjoys to make his travel more adventurous going by motorcycle and explore the world off the beaten track.
E-Commerce Security Challenges in 2018 and beyond
|3:15 – 4:00 pm||Break|
|4:00 – 4:30 pm||Jonathan Sinclair, Associate Director Information Security at Celgene International|
|Jonathan Sinclair is an active IT security professional whose operated successfully at all levels of the corporate chain, with roles including: developer; engineer; pen-tester; reverser; service owner; architect and director.
He’s spent most of his professional career focused around the pharmaceutical area, however he’s also consulted and deployed security solutions to the financial, governmental and NGO business verticals.
Alongside his professional engagements he was the founding member of the Swiss Honeynet Project, has conducted research into unique stains of malware, presented on the emerging topic of Explainable AI, contributed to the fileless malware knowledge base and published papers on the legal ramifications of autonomous vehicles.
The cyber security hype-cycle is upon us. Is there a wave to be ridden or shall we keep our heads down until the disruption passes?
Is this really something innovative or are old ideas being recycled? In this presentation I will give you an idea about what I see will be important for 2018.
|4:30 – 5:00 pm||Stephan Pfirter, Divisional Information Security Officer at UBS AG|
|Stephan Pfirter is a Divisional Information Security Officer of UBS AG. He has more than 17 years of experience in Information Security , where he held various technical and managerial roles.
His current mandate includes enabling the business, whilst at the same time protecting the organisation by properly balancing cost, benefit and the level of residual risk.
A topic in 2018 and definitively as well beyond
In my presentation I will show you the typical reasons for this reaction and potential ways out. Maybe some hints you can use in 2018 and as well in future.
|5:00 – 5:30 pm||Herbert Abben, Director SANS Institute EMEA|
|Herbert Abben has been a leader in the IT training industry for 25 years. Among other responsibilities, he has founded and established the New Horizons Training Center network in Germany, created and provided a job portal exclusively for the Microsoft partner channel and worked for several years in the global advisory council of Microsoft Learning.
Today, he is Director of the SANS Institute EMEA, responsible for the DACH region. In his spare time he plays tennis and is also active in the field of training: communication training for medium and small companies in his community is his hobby.
The shortage of skilled IT security professionals – more important than technology!?
In his presentation, Herbert Abben discusses some new and innovative ways in order to win the “war for talent”.
|5:30 – 6:00 pm||Podiums Discussion moderated by Amar Singh|
|6:00 – 7:00 pm||Apéro|
|7:00 – 8:30 pm||Dinner (buffet with hopefully something for everyone)|
|8:30 – 9:00 pm||Severin Wischmann, Senior Penetration Tester & IT Forensics Specialist at Oneconsult|
|Severin Wischmann has studied computer science at the Swiss Federal Institute of Technology (ETH) in Zurich, one semester of which he spent in Sweden at Lund University. During his master studies he specialized in IT security and wrote his master thesis in the field of hardware security.
Severin has worked as a teaching assistant at the ETH focusing on programming and as a software engineer for an e-commerce company doing web application development. He joined Oneconsult in October 2014 as a penetration tester and IT forensics specialist and became a senior penetration tester in April 2017.
Severin is an Offensive Security Certified Professional (OSCP), a GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), holds the GIAC Reverse Engineering Malware (GREM) certificate, is an OSSTMM Professional Security Tester (OPST) and an OSSTMM Professional Security Analyst (OPSA).
Phishing – one click away from disaster
Employees are often trained to not open attached documents in emails received from unknown senders and to never enter any credentials as neither a financial institute nor the IT desk would ever ask for them. But a lot of users will still click on embedded links. This is mostly due to curiosity, but also has a lot to do with company guidelines and practices. A lot of emails still contain legitimate links, which just lowers users’ awareness of security risks associated with visiting arbitrary websites.
In this segment potential risks of visiting arbitrary websites as well as embedding advertisements from third parties are demonstrated with a practical demonstration.
|9:00 – open end||Desert, Networking and Know How Sharing to the topic IT Security Strategy 2017
The Sponsors of this event are:
This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
So don’t wait and register here
Cancellations of registration are free of charge until 60 days prior to the event. Cancellations received after this point will incur 50% of the admission fee. 30 days prior to the event we have to invoice the full amount if you cancel. You will get back payment for the respective amount.
In any case, however, a delegate may be sent at no additional cost